Defining Objectives

Last week we talked about building the foundation of our management system - defining who we are and what we are as a business, who our stakeholders are, and what processes we want our systems to cover (change management, continuous improvement, and so on).

Today we'll look at the next step. We now have the highest level idea of where we want to go, but for our BMS (Business Management System) to be useful we need a more detailed view.

Whichever aspect of our management system we're looking at, objectives come next. Objectives are based around fulfilling the interests of the different stakeholders, both internal and external.

As much as I dislike the acronym and its overuse, SMART objectives or goals are important. For anyone who hasn't come across it (or had it beaten into them by overuse) SMART standards for:

• Specific: Narrow rather than broad - if I was a supervillain the objective of building a death ray is much more specific than taking over the world, if there are broader goals then break them down into specific steps.
• Measurable: Beware Goodhart's law here (we'll cover that when talking about KPIs later), but your objectives should be something that lead to a concrete change in the world rather than abstract. Having more abstract values is fine (in fact it's great), but they don't belong in your objectives - they belong in your mission statement.
• Attainable: Your objectives must be something that can be done, in a reasonable time frame, with the resources you have available. If they're too big, break them down into smaller steps - the bigger step can live outside your management system in your strategic planning.
• Relevant: Not just relevant to your organisation, but also to the management system you are building. Your management system does not have to cover every aspect of what you want to do - they require effort to build and maintain, and so you should cover the areas that you want to prioritise improvement in. Due to the way we work, the environmental impact of our business is almost non-existent, so building an extensive list of environmental objectives into our management system would be excessive and largely irrelevant.
• Time-bound: Timelines are important, you need to be able to say at a certain point whether or not you have completed your objectives. Without a timeline, they're indefinite and meaningless.

It's also important to make sure your full set of objectives are realistic. If you're a massive multinational with a headcount in the thousands then you can realistically set and expect to achieve a lot more objectives in a year than we could as a microbusiness.

The aim is to have objectives that you will need to stretch to achieve, but not ones that are impossible. Setting impossible objectives rapidly leads to learned helplessness as they're simply not achievable, and constant inevitable failure gets wearing. You'll hit the same problem if you set too many objectives.

Leaning on adoptech, we'll grab their template for objective setting - focusing at this early stage on quality and security (some of which will crossover).

Bores Objectives for 2024/25

We're setting objectives for the next year, so into summer 2025. An initial set might look like the tables below, covering both Security and Quality objectives.

Now that we've got the objectives, targets to tell us whether or not they're met, and owners to keep chasing them and be held accountable, we need to create KPIs. This is where we get into Goodhart's law.

KPIs and Goodhart's Law

Goodhart's law tells us:

"When a measure becomes a target, it ceases to be a good measure."

This lesson plays out across management systems across the world. If compliance and certification are the target, instead of instilling good management practices, we end up with superficial, overly-burdensome management systems (something we've encountered and helped to fix more than once).

The paradox is that we do need measures to make our objectives meaningful - if we can't measure it, it's meaningless. Goodhart's law is more about the measures not being accepted as grand, ultimate truth. Instead we need to remember that they are only a proxy for what we are really trying to measure, and we should place them under constant re-evaluation and re-assessment.

Luckily for microbusinesses this is easier than for larger organisations. Since all of us are involved in determining the KPIs, there's no sense of them being an externally-enforced set of objective measures. From experience it's this concept of external objectivity that can lead to measures becoming targets, as the sense of hierarchy places them beyond any criticism while those who set them are not involved enough in the actual work to recognise their flaws.

Adoptech does provide a template for KPIs, but rather than using it as-is we'll be adapting it into a PowerBI report. We're not going into the full engineering of this report for now, as it won't be finished for some time (KPIs are meaningless until they've been running for a while) but the underlying data is currently a fairly straightforward spreadsheet with manual updating to get us started.

All we need is a good-enough starting point - any good ISMS is about continuous improvement rather than insisting on perfection from the beginning.

Our next step will be to start digging into policy definitions, so subscribe if you want to keep following along.